--- name: kubestellar-console description: "Multi-cluster Kubernetes dashboard with AI-powered operations via MCP server and 10+ built-in agent skills" category: devops risk: critical source: community source_repo: kubestellar/console source_type: community date_added: "2026-04-27" author: kubestellar tags: [kubernetes, multi-cluster, mcp, dashboard, cncf, devops, observability] tools: [claude, cursor, gemini, codex] license: "Apache-2.0" license_source: "https://github.com/kubestellar/console/blob/main/LICENSE" plugin: setup: type: manual summary: "Requires kc-agent binary (brew tap kubestellar/tap && brew install kc-agent)" docs: "https://github.com/kubestellar/console#quick-start" --- # KubeStellar Console ## Overview KubeStellar Console is an open-source multi-cluster Kubernetes dashboard (CNCF project) with AI-powered operations. It ships with `kc-agent`, an MCP server that bridges coding agents to kubeconfig and Kubernetes APIs, plus 10+ built-in agent skills for development, testing, and operations. ## When to Use This Skill - Use when managing multiple Kubernetes clusters across edge and cloud - Use when you need AI-assisted Kubernetes troubleshooting and debugging - Use when running performance tests, cache compliance checks, or CI debugging on a Kubernetes dashboard - Use when integrating with CNCF projects (Argo, Kyverno, Istio, and 20+ others) ## How It Works ### Step 1: Install kc-agent ```bash brew tap kubestellar/tap && brew install kc-agent ``` ### Step 2: Start the MCP server ```bash kc-agent ``` This bridges your kubeconfig to any MCP-compatible coding agent. ### Step 3: Use built-in agent skills The project ships with agent skills accessible via `CLAUDE.md` and `AGENTS.md`: - **@perf-test** — Dashboard performance testing and TTFI analysis - **@cache-test** — Card cache compliance testing (IndexedDB warm return) - **@nav-test** — Navigation performance testing - **@ui-compliance-test** — Card loading compliance (8 criteria, 150+ cards) - **@ci-status** — CI pipeline monitoring and status checks - **@rca** — Root cause analysis for CI/test failures - **@tdd** — Test-driven development workflow - **@k8s-debug** — Kubernetes debugging and troubleshooting ## Key Features - Multi-cluster management across edge and cloud - Real-time streaming observability - 20+ CNCF project integrations (Argo, Kyverno, Istio, etc.) - GitHub OAuth authentication - Supply chain security (SBOM, SLSA) - SQLite WASM caching with stale-while-revalidate pattern - 15+ themes with dark/light mode ## Security & Safety Notes - **Critical risk:** `kc-agent` bridges your kubeconfig to MCP-compatible agents. If your kubeconfig carries cluster-admin or write permissions, agents will inherit those capabilities. Always use a least-privilege RBAC context. - **Recommended:** Bind `kc-agent` to least-privilege read-only RBAC before using it with an agent: ```bash kubectl create clusterrole kc-agent-readonly --verb=get,list,watch --resource='*' kubectl create clusterrolebinding kc-agent-readonly --clusterrole=kc-agent-readonly --serviceaccount=default:kc-agent ``` - Do not expose `kc-agent` on a public network without authentication. - Review [SECURITY-AI.md](https://github.com/kubestellar/console/blob/main/docs/security/SECURITY-AI.md) for prompt injection and agent drift mitigations. ## Limitations - This skill requires an external binary (`kc-agent`) installed separately via Homebrew. - Do not treat agent output as a substitute for environment-specific validation or expert review. - Stop and ask for clarification if required permissions or safety boundaries are unclear. ## Links - [GitHub](https://github.com/kubestellar/console) - [Website](https://console.kubestellar.io) - [CLAUDE.md](https://github.com/kubestellar/console/blob/main/CLAUDE.md) - [AGENTS.md](https://github.com/kubestellar/console/blob/main/AGENTS.md)